devtu-create-tool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and templates explicitly instruct the agent to make live HTTP requests and ingest data from public APIs and web endpoints (e.g., SKILL.md and templates like api_tool_template.py using BASE_URL "https://api.example.com", references/advanced-patterns.md showing requests.get, GraphQL introspection and web search steps, and mandatory "Level 3: Real API Testing" in SKILL.md), which clearly pulls untrusted third‑party content that the agent must read and act on.